splice:

Cybersecurity for Operational Technology

What is Splice?

SPLICE combines a number of advanced machine learning, security and networking concepts to secure legacy OT/ICS/SCADA and modern I-IoT sensor environments. SPLICE has been specifically designed to require no or minimal reconfiguration and interruption to existing production processes. An Overlay Network is established to abstract the OT network (without requiring any addressing changes on field equipment, HMI's or controllers), allowing for logical isolation and control enhancements (such as authentication offloading, microservice injection and vulnerability shielding) to be built into the network core.

SPLICE provides access control, behavioral profiling, Intrusion Detection, and forensic audit trail of all control network traffic. SPLICE allows you to take back control over insecure API's. Security enhanced microservices are used to encapsulate and strengthen insecure API's. Powerful machine learning algorithms are used to detect anomalous communication between OT devices.

Cybersplice: the logical alternative to air-gaps

Quick intro

PLC Takeover

PLC Ransom

PLC Protection

Applications

SCADA

SPLICE enables sensitive real world interfacing devices to co-exist securely inside existing IT networks.

ICS

SPLICE overcomes device and controller vulnerabilities by building vulnerability shielding, authentication, authorisation and access controls into the network layer.

Embedded

SPLICE logically isolates targets in an encrypted overlay network for centralised profiling, segregation and Intrusion Detection.

I-IoT

With SPLICE there is no need to touch the actual equipment or code.

 

Vulnerability Shielding

For various reasons, it may not be viable to patch vulnerabilities in web based HMI's and Controllers.

SPLICE provides a way to mitigate these vulnerabilities through Security Enhanced Microservices (SEM) by injecting authentication code into the existing communication flow. When a sensitive function is accessed, SPLICE takes over from the normal application flow and requests OTP or password verification before forwarding the request through to the HMI. Using SEM, Role Based Access Control (with or without two factor authentication) can be built into legacy applications without touching the application code. SEM works with both traditional and AJAX based applications.